"Security in the implementation of the MSXML 4.0 SP2 ServerXmlHttp object has been enhanced to check the Internet Explorer security policy setting for submitting non-encrypted form data. A security policy setting of "Disable" or "Prompt" for the "Submit nonencrypted form data" option will result in an "Access Denied" error message when attempting to post form data using the ServerXmlHttp object. This is a change that can potentially break existing code that uses earlier versions of the ServerXmlHttp object (such as prior released versions of both MSXML 3.0 and MSXML 4.0) to post form data when the Internet Explorer security policy setting for submitting non-encrypted form data is not enabled."

This might happen if you have an existing application running on, say, Windows 2000, then you upgrade the machine to Window 2003 and get the new MSXML "for free." Remember - know the application stack, the whole stack if you can. The OS is part of the stack, and in this case, XML is too.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.